CVE-2018-0734
- EPSS 12.15%
- Veröffentlicht 30.10.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:50
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1....
CVE-2018-0735
- EPSS 4.76%
- Veröffentlicht 29.10.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:50
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in Ope...
CVE-2018-18718
- EPSS 0.41%
- Veröffentlicht 29.10.2018 12:29:06
- Zuletzt bearbeitet 21.11.2024 03:56:26
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.
CVE-2018-18710
- EPSS 0.5%
- Veröffentlicht 29.10.2018 12:29:05
- Zuletzt bearbeitet 21.11.2024 03:56:25
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds c...
CVE-2018-18690
- EPSS 0.68%
- Veröffentlicht 26.10.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:56:22
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_...
CVE-2018-15686
- EPSS 2.28%
- Veröffentlicht 26.10.2018 14:29:00
- Zuletzt bearbeitet 09.06.2025 16:15:28
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affec...
CVE-2018-15688
- EPSS 1.68%
- Veröffentlicht 26.10.2018 14:29:00
- Zuletzt bearbeitet 09.06.2025 16:15:28
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
CVE-2018-14665
- EPSS 27.04%
- Veröffentlicht 25.10.2018 20:29:00
- Zuletzt bearbeitet 29.08.2025 13:42:30
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the...
CVE-2016-10729
- EPSS 1.19%
- Veröffentlicht 24.10.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 02:44:36
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate comma...
CVE-2018-18605
- EPSS 2.32%
- Veröffentlicht 23.10.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:56:14
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merge...